EP1405483B1 - Method and system for bearer authorization in a wireless communication network - Google Patents
Method and system for bearer authorization in a wireless communication network Download PDFInfo
- Publication number
- EP1405483B1 EP1405483B1 EP01960407A EP01960407A EP1405483B1 EP 1405483 B1 EP1405483 B1 EP 1405483B1 EP 01960407 A EP01960407 A EP 01960407A EP 01960407 A EP01960407 A EP 01960407A EP 1405483 B1 EP1405483 B1 EP 1405483B1
- Authority
- EP
- European Patent Office
- Prior art keywords
- control function
- authorization
- wireless communication
- communication network
- binding information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Definitions
- the present invention relates to a method and system for providing improved security for bearer authorization in a wireless communication network such as a Universal Mobile Telecommunications System (UMTS) network.
- UMTS Universal Mobile Telecommunications System
- GSM Global System for Mobile communications
- the new General Packet Radio Services (GPRS) network will offer operators the ability to charge by the packet, and support data transfer across a high speed network at up to eight times slot radio interface capacity.
- GPRS introduces two new nodes into the GMS network, a Serving GPRS Support Node (SGSN) and a Gateway GPRS Support Node (GGSN).
- the SGSN keeps track of the location of the mobile terminal within its service area and sends and receives packets to/from the mobile terminal, passing them on to the RNC (Radio Network Controller) or to the GGSN.
- the GGSN receives the packets from external network, passing them on to the SGSN, or receives the packets from the SGSN, passing them on to the external network.
- the UMTS Universal Mobile Telecommunications System
- the UMTS will deliver advanced information directly to people and provide them with access to new and innovative services. It will offer mobile personalized communications to the mass market regardless of location, network or terminal used.
- a telecommunications network providing mobile cellular services such as a Public Land Mobile Network (PLMN)
- PLMN Public Land Mobile Network
- IP Internet Protocol
- WO0117310 discloses apparatus and methods for applying GSM security principles to authentication in packet data networks (PDNs). Authentication is based on a token which is generated by the PDN.
- PDNs packet data networks
- IP based mobile network architecture includes an application layer and a transport layer.
- the transport layer protocols and mechanisms are usually optimized for the specific type of access whereas the application layer is normally generic, this is independent of the type of access.
- the underlying transport layer In setting up a session in the application layer, the underlying transport layer has to set up transport bearers over the radio interface and in the transport network.
- authentication and authorization functions performing the identification and authentification of a service requester and the validation of the service request type to ensure that the service requester is authorized to use the particular network services.
- a particular need in this context is the need for bearer authorization, as quality of service required for an application needs special authorization for better than "best-effort" service.
- IP multimedia is an example of such an application.
- IP multimedia bearer authorization In 3GPP, related policy control is going to be specified for IP multimedia bearer authorization in such a way that a Packet Data Protocol (PDP) context is authorized against an ongoing multimedia session. Meanwhile, an interface between GGSN and PCF has been approved for that purpose.
- PDP Packet Data Protocol
- AUTN Authorization Token
- SIP Session Initiation Protocol
- PCF Proxy Call State Control Function
- this object is achieved by a method according to claim 1 and by a system according to claim 7.
- bearer authorization in a wireless communication network comprising an application layer and a transport layer is performed by: a) creating an authorization binding information in a control function of said application layer, e.g. in a Policy Control Function out of a plurality of Policy Control Functions or in an application server/proxy out of a plurality of application servers/proxies, e.g. a P-CSCF, provided in said wireless communication network, b) allocating a control funtion identifier representative of the actual address of said control function in said wireless communication network and incorporating said identifier into said authorization binding information, c) transmitting the so created authorization binding information to a terminal device, e.g.
- a terminal device e.g.
- the identifier is arranged to take a numerical integer value selected from a predetermined range of values.
- the authorization binding information may be dispatched from the terminal device to a node in the transport layer.
- the node may be a Serving GPRS Support Node, wherein the authorization binding information is further passed from the Serving GPRS Support Node to a Gateway GPRS Support Node in the transport layer.
- the node may be adapted to derive the actual control function address in the wireless communication network from the control function identifier incorporated in the authorization binding information.
- the node may be adapted to request authorization (au_req) from the control function having the derived actual address.
- the authorization binding information is an authorization token the creation of the which is initiated by transmitting authorization information from an application server/proxy in the application layer of the wireless communication network to one of a plurality of Policy Control Functions in the wireless communication network.
- the created authorization token is sent back to the application server/proxy, forwarded by the application server/proxy to the terminal device, passed by the terminal device to the transport layer of the wireless communication network, e.g. to a Serving GPRS Support Node (SGSN) within the transport layer, and passed from the Serving GPRS Support Node to a Gateway GPRS Support Node (GGSN) within the transport layer.
- SGSN Serving GPRS Support Node
- GGSN Gateway GPRS Support Node
- the transport layer of the wireless communication network e.g. Gateway GPRS Support Node
- the transport layer of the wireless communication network is adapted to derive the actual control function address in the wireless communication network from the control function identifier included in the Authorization Token and to request authorization from the control function having the derived actual address.
- the address derivation is carried out by the Gateway GPRS Support Node using an access point specific list of Policy Control Function identifiers and corresponding addresses.
- the system for bearer authorization in a wireless communication network advantageously includes the same constitutional elements and, thus, provides the same effects and benefits.
- Fig. 1 schematically shows a partial block diagram of a general packet switched domain architecture of a Public Land Mobile Network (PLMN), including e.g. a UMTS based radio access system in which multiple independent broadband wireless access networks are introduced as alternative or additional radio access technologies for providing access for User Equipments (UEs) of multiple radio technologies to UMTS based core networks.
- PLMN Public Land Mobile Network
- UEs User Equipments
- the transport layer is comprised of a GPRS system and the bearers for IMS session are provided by a PDP (Packet Data Protocol) context.
- PDP Packet Data Protocol
- the binding information is binding the transport layer bearer and the IMS session.
- Network interworking is required whenever a packet switched domain PLMN and any other network, such as a network based on the Internet Protocol (IP), are involved in the execution of a service request.
- IP Internet Protocol
- Such interworking is established via a PLMN to fixed network reference point Gi and an inter PLMN interface Gp interface connecting two independent PLMNs, respectively.
- a common packet switched domain core network provides packet-switched (PS) services and is designed to support several quality of service levels to allow efficient transfer of non-real time traffic, such as intermittent and bursty data transfers or occasional transmissions of large data volumes, and real-time traffic such as voice or video.
- a Serving GPRS Support Node forms the point of attachment of an individual Mobile Station (MS), consisting basically of a Terminal Equipment (TE) and a Mobile Terminal (MT), keeps track of the location thereof and performs security functions and access control.
- the SGSN is connected to the UMTS Terrestrial Radio Access Network (UTRAN) through an lu interface and to a Gateway GPRS Support Node (GGSN) via an IP-based intra PLMN backbone network (Gn interface).
- the SGSN establishes, at PDP context activation, a PDP context to be used for routing purposes with the GGSN and the UTRAN, i.e. the Radio Network Controller (RNC) in the UTRAN that a subscriber will be using.
- the GGSN then provides interworking with external packet switched networks.
- the GGSN may be connected to plural SGSNs via the intra PLMN or inter PLMN backbone networks.
- the MS in order to access PS services, that is to send and receive PS data, the MS must have the SGSN activate the appropriate PDP context in order to make itself known to the GGSN before interworking with external data networks can be started.
- the applicable PDP context related operations are also defined in the 3GPP specification TS 23 060.
- user data is then transferred transparently between the MS and the external data network, i.e. the GGSN or the MS, by equipping data packets with PS specific protocol information and transferring them by means of encapsulation and tunneling.
- initial authorization negotiations preparing for interworking are carried out between the GGSN and the P-CSCF thereto.
- Fig. 2 schematically shows the arrangement of the general packet switched domain architecture of Fig. 1 to which a Policy Control Function (PCF) is added, or co-located, in the P-CSCF. Signaling flow directions are indicated by corresponding arrows within broken lines.
- PCF Policy Control Function
- a plurality of PCFs are provided in at least one external network and arranged to communicate with the P-CSCF and the GGSN in the packet switched core network.
- signaling communications are established between the P-CSCF and the UE, between the UE and the SGSN, and between the SGSN and the GGSN.
- the P-CSCF In operation with existing multiple PCFs in an external network, the P-CSCF sends authorization information (au_inf) to one of those PCFs. In response thereto, an Authorization Token (AUTN) is created in the application layer by the addressed PCF to which the authorization request has been sent based on the authorization information forwarded by the P-CSCF, and is sent back to the P-CSCF to be dispatched toward the UE as authorization information.
- AUTN Authorization Token
- a PCF identifier is allocated for each PCF in an external network.
- the PCF identifier is a numerical integer value such as 1, 2, 3 etc.
- the PCF allocates this PCF identifier as part of the AUTN instead of the PCF address and sends the AUTN to the P-CSCF, which in turn forwards it to the UE.
- PCF identifier instead of the complete PCF address (or IP address) also reduces the size of the token and, thus, provides improved operational efficiency by reducing the transmission load or allows for the incorporation of further information into a token of the same size.
- the UE is not able to determine the current PCF address from the received AUTN, thus eliminating the security risk inherently involved in sending the PCF address to the UE.
- the restoration of the correct PCF address is performed as follows. After having received the AUTN, the UE dispatches it via a transport channel of the transport layer used for data transport to the SGSN when establishing the bearer or bearers for an IP multimedia session. The SGSN then forwards the AUTN to the GGSN communicating with the external network.
- the GGSN comprises an access point specific list of valid PCF identifiers and corresponding PCF addresses.
- the GGSN Upon reception of the AUTN including the PCF identifier, the GGSN is capable of deriving the correct PCF address from the PCF identifier and, thus, sending an authorization request (au_req) to the correct PCF, i.e. the one that had issued the AUTN earlier.
- the invention does not necessarily require the use of SIP, but is applicable to any signaling protocol of an application layer, used to set up application sessions over external (IP) networks wherein it is possible to carry respective message contents in the signaling message.
- the present invention is not restricted to the preferred embodiment described above, but can also be implemented in call-processing network elements and any network where an authorization binding information provides a mechanism for binding a bearer to an application session in order to set up an authorized connection.
- the preferred embodiment may thus vary within the scope of the attached claims.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Developing Agents For Electrophotography (AREA)
- Telephone Function (AREA)
Abstract
Description
- The present invention relates to a method and system for providing improved security for bearer authorization in a wireless communication network such as a Universal Mobile Telecommunications System (UMTS) network.
- Data services of the Global System for Mobile communications (GSM) have launched a new era of mobile communications. The early analog cellular modems had become unattractive to the market as they were slow and unreliable. Now the market for data is moving onwards (more bursty) and upwards (more traffic), and the standardization institutes are working towards higher data rates but more significantly also towards packet data services. This will certainly broaden the appeal to end users because data is routed more efficiently through the network and hence at lower costs, and also access times are reduced.
- As the general trend in data applications is to generate increasingly bursty data streams, this makes for inefficient use of a circuit switched connection. Moreover, fixed networks have seen an enormous growth in data traffic, not at least because of the rise of Internet access demand, such that it is to be supposed that mobile networks will spread as technology and customer expectations move on. The current GSM switch network is based on narrow band ISDN (Integrated Services Digital Network) circuits, so that the reason for rate limitations moves from the access network to the core network.
- The new General Packet Radio Services (GPRS) network will offer operators the ability to charge by the packet, and support data transfer across a high speed network at up to eight times slot radio interface capacity. GPRS introduces two new nodes into the GMS network, a Serving GPRS Support Node (SGSN) and a Gateway GPRS Support Node (GGSN). The SGSN keeps track of the location of the mobile terminal within its service area and sends and receives packets to/from the mobile terminal, passing them on to the RNC (Radio Network Controller) or to the GGSN. The GGSN receives the packets from external network, passing them on to the SGSN, or receives the packets from the SGSN, passing them on to the external network.
- The UMTS (Universal Mobile Telecommunications System) will deliver advanced information directly to people and provide them with access to new and innovative services. It will offer mobile personalized communications to the mass market regardless of location, network or terminal used.
- In the general packet domain architecture and transmission mechanism according to 3GPP (3rd Generation Partnership Project) Release '99, as defined in the 3GPP specification TS 23 060, a telecommunications network providing mobile cellular services, such as a Public Land Mobile Network (PLMN), has access points, reference points and interfaces used for mobile access and origination or reception of messages. In addition, network interworking is required whenever a packet switched PLMN and any other network, such as a network based on the Internet Protocol (IP), are involved in the execution of a service request.
-
WO0117310 - In the following, the term application layer will be used to designate an IP subsystem, e.g. an IP Multimedia Subsystem, where a P-CSCF (Proxy Call State Control Function) and PCFs (Policy Control Functions) are located. The IP based mobile network architecture includes an application layer and a transport layer. The transport layer protocols and mechanisms are usually optimized for the specific type of access whereas the application layer is normally generic, this is independent of the type of access. In setting up a session in the application layer, the underlying transport layer has to set up transport bearers over the radio interface and in the transport network.
- Among the network and interworking control functions necessary in such network architectures are authentication and authorization functions performing the identification and authentification of a service requester and the validation of the service request type to ensure that the service requester is authorized to use the particular network services.
- A particular need in this context is the need for bearer authorization, as quality of service required for an application needs special authorization for better than "best-effort" service. IP multimedia is an example of such an application.
- In 3GPP, related policy control is going to be specified for IP multimedia bearer authorization in such a way that a Packet Data Protocol (PDP) context is authorized against an ongoing multimedia session. Meanwhile, an interface between GGSN and PCF has been approved for that purpose.
- In order to map a PDP context to an IP multimedia session, it has been proposed to use an Authorization Token (AUTN) as a binding information. Currently, this AUTN is intended to be a Session Initiation Protocol (SIP) parameter to be specified within an authorization scheme extension to SIP by the Internet Engineering Task Force (IETF).
- In 3GPP, it is currently considered to co-locate the PCF in the Proxy Call State Control Function (P-CSCF), as is the case in the 3GPP UMTS Release 5 specifications. However, if in future releases of this specification the PCF is implemented as a separate entity, correct PCF determination may be problematic when multiple PCFs exist in an external network.
- In order to address this problem, it has further been proposed to allocate the PCF address as part of the AUTN sent to a User Equipment (UE). Sending the PCF address to a UE may, however, represent a security risk, especially in cases in which the SIP application resides in a Terminal Equipment (TE) such as e.g. a laptop. In particular, a misbehaving UE may then block the PCF by sending authorization requests again and again to it.
- It is therefore an object of the present invention to provide a method and a system for bearer authorization which provides improved security for service access authorization.
- According to the invention, this object is achieved by a method according to claim 1 and by a system according to claim 7.
- Advantageous further developments of the invention are subject of the appended dependent claims.
- Accordingly, bearer authorization in a wireless communication network comprising an application layer and a transport layer is performed by: a) creating an authorization binding information in a control function of said application layer, e.g. in a Policy Control Function out of a plurality of Policy Control Functions or in an application server/proxy out of a plurality of application servers/proxies, e.g. a P-CSCF, provided in said wireless communication network, b) allocating a control funtion identifier representative of the actual address of said control function in said wireless communication network and incorporating said identifier into said authorization binding information, c) transmitting the so created authorization binding information to a terminal device, e.g. user equipment, having access to said wireless communication network, and d) carrying out said bearer authorization for said terminal device through said transport layer of the wireless communication network by deriving the actual address of said control function from which the authorization binding information has originated in said wireless communication network based on the control function identifier included in said authorization binding information.
- Preferably, the identifier is arranged to take a numerical integer value selected from a predetermined range of values.
- The authorization binding information may be dispatched from the terminal device to a node in the transport layer. The node may be a Serving GPRS Support Node, wherein the authorization binding information is further passed from the Serving GPRS Support Node to a Gateway GPRS Support Node in the transport layer. The node may be adapted to derive the actual control function address in the wireless communication network from the control function identifier incorporated in the authorization binding information. Furthermore, the node may be adapted to request authorization (au_req) from the control function having the derived actual address.
- Further preferably, the authorization binding information is an authorization token the creation of the which is initiated by transmitting authorization information from an application server/proxy in the application layer of the wireless communication network to one of a plurality of Policy Control Functions in the wireless communication network.
- In an advantageous constitution, the created authorization token is sent back to the application server/proxy, forwarded by the application server/proxy to the terminal device, passed by the terminal device to the transport layer of the wireless communication network, e.g. to a Serving GPRS Support Node (SGSN) within the transport layer, and passed from the Serving GPRS Support Node to a Gateway GPRS Support Node (GGSN) within the transport layer.
- Thereby, the transport layer of the wireless communication network, e.g. Gateway GPRS Support Node, is adapted to derive the actual control function address in the wireless communication network from the control function identifier included in the Authorization Token and to request authorization from the control function having the derived actual address.
- Particularly preferred and advantageous, the address derivation is carried out by the Gateway GPRS Support Node using an access point specific list of Policy Control Function identifiers and corresponding addresses.
- The system for bearer authorization in a wireless communication network according to the present invention advantageously includes the same constitutional elements and, thus, provides the same effects and benefits.
- In the following, the present invention will be described in greater detail in accordance with preferred embodiments thereof and with reference to the accompanying drawings, in which:
- Fig. 1 schematically shows a partial block diagram of a general packet domain architecture into which the present invention can be implemented; and
- Fig 2 illustrates in simplified manner the principle of an IP multimedia bearer authorization using an authorization token according to an embodiment of the present invention.
- Fig. 1 schematically shows a partial block diagram of a general packet switched domain architecture of a Public Land Mobile Network (PLMN), including e.g. a UMTS based radio access system in which multiple independent broadband wireless access networks are introduced as alternative or additional radio access technologies for providing access for User Equipments (UEs) of multiple radio technologies to UMTS based core networks.
- In the preferred embodiment, the transport layer is comprised of a GPRS system and the bearers for IMS session are provided by a PDP (Packet Data Protocol) context. Thus, the binding information (AUTH) is binding the transport layer bearer and the IMS session.
- Network interworking is required whenever a packet switched domain PLMN and any other network, such as a network based on the Internet Protocol (IP), are involved in the execution of a service request. Such interworking is established via a PLMN to fixed network reference point Gi and an inter PLMN interface Gp interface connecting two independent PLMNs, respectively.
- A common packet switched domain core network (CN) provides packet-switched (PS) services and is designed to support several quality of service levels to allow efficient transfer of non-real time traffic, such as intermittent and bursty data transfers or occasional transmissions of large data volumes, and real-time traffic such as voice or video.
- A Serving GPRS Support Node (SGSN) forms the point of attachment of an individual Mobile Station (MS), consisting basically of a Terminal Equipment (TE) and a Mobile Terminal (MT), keeps track of the location thereof and performs security functions and access control. The SGSN is connected to the UMTS Terrestrial Radio Access Network (UTRAN) through an lu interface and to a Gateway GPRS Support Node (GGSN) via an IP-based intra PLMN backbone network (Gn interface). The SGSN establishes, at PDP context activation, a PDP context to be used for routing purposes with the GGSN and the UTRAN, i.e. the Radio Network Controller (RNC) in the UTRAN that a subscriber will be using. The GGSN then provides interworking with external packet switched networks. The GGSN may be connected to plural SGSNs via the intra PLMN or inter PLMN backbone networks.
- As mentioned above, in order to access PS services, that is to send and receive PS data, the MS must have the SGSN activate the appropriate PDP context in order to make itself known to the GGSN before interworking with external data networks can be started. The applicable PDP context related operations are also defined in the 3GPP specification TS 23 060. During interworking, user data is then transferred transparently between the MS and the external data network, i.e. the GGSN or the MS, by equipping data packets with PS specific protocol information and transferring them by means of encapsulation and tunneling.
- Accordingly, initial authorization negotiations preparing for interworking are carried out between the GGSN and the P-CSCF thereto.
- A preferred embodiment of the present invention will now be described with reference to Fig. 2.
- Fig. 2 schematically shows the arrangement of the general packet switched domain architecture of Fig. 1 to which a Policy Control Function (PCF) is added, or co-located, in the P-CSCF. Signaling flow directions are indicated by corresponding arrows within broken lines.
- According to Fig. 2, a plurality of PCFs are provided in at least one external network and arranged to communicate with the P-CSCF and the GGSN in the packet switched core network. In addition, signaling communications are established between the P-CSCF and the UE, between the UE and the SGSN, and between the SGSN and the GGSN.
- In operation with existing multiple PCFs in an external network, the P-CSCF sends authorization information (au_inf) to one of those PCFs. In response thereto, an Authorization Token (AUTN) is created in the application layer by the addressed PCF to which the authorization request has been sent based on the authorization information forwarded by the P-CSCF, and is sent back to the P-CSCF to be dispatched toward the UE as authorization information.
- Now, if as in the conventional arrangement the PCF address is allocated as part of the AUTN and, thus, included therein, sending the AUTN to the UE involves sending also the PCF address to the UE, resulting in the inherent security risk mentioned above.
- According to the preferred embodiment, a PCF identifier is allocated for each PCF in an external network. The PCF identifier is a numerical integer value such as 1, 2, 3 etc. When the PCF then creates an AUTN, the PCF allocates this PCF identifier as part of the AUTN instead of the PCF address and sends the AUTN to the P-CSCF, which in turn forwards it to the UE.
- Advantageously, using the PCF identifier instead of the complete PCF address (or IP address) also reduces the size of the token and, thus, provides improved operational efficiency by reducing the transmission load or allows for the incorporation of further information into a token of the same size.
- As the information given to the UE only includes the PCF identifier value, the UE is not able to determine the current PCF address from the received AUTN, thus eliminating the security risk inherently involved in sending the PCF address to the UE.
- The restoration of the correct PCF address is performed as follows. After having received the AUTN, the UE dispatches it via a transport channel of the transport layer used for data transport to the SGSN when establishing the bearer or bearers for an IP multimedia session. The SGSN then forwards the AUTN to the GGSN communicating with the external network.
- According to the present invention, the GGSN comprises an access point specific list of valid PCF identifiers and corresponding PCF addresses. Upon reception of the AUTN including the PCF identifier, the GGSN is capable of deriving the correct PCF address from the PCF identifier and, thus, sending an authorization request (au_req) to the correct PCF, i.e. the one that had issued the AUTN earlier.
- It should be appreciated that the invention does not necessarily require the use of SIP, but is applicable to any signaling protocol of an application layer, used to set up application sessions over external (IP) networks wherein it is possible to carry respective message contents in the signaling message.
- It is also noted that the present invention is not restricted to the preferred embodiment described above, but can also be implemented in call-processing network elements and any network where an authorization binding information provides a mechanism for binding a bearer to an application session in order to set up an authorized connection. The preferred embodiment may thus vary within the scope of the attached claims.
Claims (20)
- A method for bearer authorization for a terminal device (UE) by a control function (PCF) in a wireless communication network comprising an application layer and a transport layer, said method comprising the steps of:a) creating in said control function of said application layer an authorization binding information for binding a bearer to an application session in order to set up an authorized connection;b) allocating a control function identifier representative of the actual address of said control function in said wireless communication network and incorporating said identifier into said authorization binding information;c) transmitting the so created authorization binding information to said terminal device having access to said wireless communication network; andd) carrying out said bearer authorization for said terminal device through said transport layer of said wireless communication network by deriving the actual address of said control function from which the authorization binding information has originated in said wireless communication network based on the control function identifier included in said authorization binding information.
- A method according to claim 1, wherein said identifier is arranged to take a numerical integer value selected from a predetermined range of values.
- A method according to claim 1 or 2, wherein said authorization binding information comprises an authorization token, the creation of which is initiated by transmitting authorization information from a Proxy Call State Control Function (P-CSCF) in the wireless communication network to one of a plurality of Policy Control Functions in said wireless communication network.
- A method according to claim 3, wherein the created Authorization Token is sent to said Proxy Call State Control Function and forwarded by said Proxy Call State Control Function to said terminal device,
- A method according to any of the preceding claims, wherein said authorization binding information is dispatched from said terminal device to a node in said transport layer.
- A method according to claim 5. wherein said node is a Serving GPRS Support Node, and the authorization binding information is further passed from said Serving GPRS Support Node to a Gateway GPRS Support Node in said transport layer.
- A method according to claim 5, wherein said node is adapted to derive said actual control function address in said wireless communication network from the control function identifier incorporated in said authorization binding information.
- A method according to claim 7, wherein said node is adapted to request authorization from the control function having said derived actual address.
- A method according to claim 7, wherein said address derivation is carried out by said node using an access point specific list of control function identifiers and corresponding addresses.
- A method according to claim 6, wherein said Gateway GPRS Support Node is adapted to derive said actual Policy Control Function address in said wireless communication network from the Policy Control Function identifier included in said Authorization Token and to request authorization from the Policy Control Function having the derived actual address.
- A method according to claim 10, wherein said address derivation is carried out by said Gateway GPRS Support Node using an access point specific list of Policy Control Function identifiers and corresponding addresses.
- A system for bearer authorization for a terminal device by a control function in a wireless communication network, comprising:a) means for creating in a control function (PCF) provided in an application layer of said wireless communication network an authorization binding information for binding a bearer to an application session in order to set up an authorized connection;b) means for allocating a control function identifier representative of the actual address of said control function in said wireless communication network and for incorporating said identifier into said authorization binding information;c) means for transmitting the so created authorization binding information to said terminal device (UE) having access to said wireless communication network; andd) means for carrying out said bearer authorization for said terminal device through a transport layer of said wireless communication network by deriving the actual address of said control function from which the authorization binding information has originated in said wireless communication network based on the control function identifier included in said authorization binding information.
- A system according to claim 12, wherein said identifier is a numerical integer value selected from a predetermined range of values.
- A system according to claim 12 or 13, wherein said authorization binding information comprises an authorization token the creation of which is initiated by a Proxy Call State Control Function (P-CSCF) in a core network (CN) transmitting authorization information to one of a plurality of Policy Control Functions in said wireless communication network.
- A system according to claim 14, wherein said Policy Control Function is arranged to send the created authorization token back to said Proxy Call State Control Function, said Proxy Call State Control Function is arranged to forward the token to said terminal device, said terminal device is arranged to pass the token to a Serving GPRS Support Node (SGSN) within-said core network, and said Serving GPRS Support Node is arranged to pass the token to a Gateway GPRS Support Node (GGSN) within said core network.
- A system according to claim 15, wherein said Gateway GPRS Support Node is arranged to derive said actual Policy Control Function address in said wireless communication network from the Policy Control Function identifier included in said authorization token and to request authorization (au_req) from the Policy Control Function having the derived actual address.
- A system according to claim 16, wherein said Gateway GPRS Support Node is arranged to carry out said address derivation using an access point specific list of Policy Control Function identifiers and corresponding addresses.
- A terminal device for providing access to a wireless communication network, said terminal device (UE) comprising:a) means for receiving from said wireless communication network an authorization binding information with a control function identifier representative of an actual address of a control function in said wireless communication network, said authorization binding information being used for binding a bearer to an application session in order to set up an authorized connection, and said control function being used for performing bearer authorization for said terminal device (UE); andb) means for dispatching said authorization binding information with said control function identifier through a transport layer to said wireless communication network during bearer establishment.
- A gateway node of a wireless communication network, comprising means for carrying out a bearer authorization for a terminal device (UE) by a control function through a transport layer of said wireless communication network by deriving an actual address of said control function, from which an authorization binding information has originated in said wireless communication network, based on a control function identifier included in a received authorization binding information for binding a bearer to an application session in order to set up an authorized connection.
- A control function device for providing a policy control function in an application layer of a wireless communication network, comprising:a) means for creating an authorization binding information for binding a bearer to an application session in order to set up an authorized connection;b) means for allocating a control function identifier representative of an actual address of said control function in said wireless communication network and for incorporating said identifier into said authorization binding information, said control function being used for performing bearer authorization for a terminal device (UE); andc) means for transmitting the so created authorization binding information to said terminal device (UE) having access to said wireless communication network.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
ES01960407T ES2292609T3 (en) | 2001-06-27 | 2001-06-27 | METHOD AND SYSTEM FOR CARRIER AUTHORIZATION IN A WIRELESS COMMUNICATIONS NETWORK. |
EP07017791A EP1863220A3 (en) | 2001-06-27 | 2001-06-27 | Method and system for bearer authorization in a wireless communication network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2001/007345 WO2003003690A1 (en) | 2001-06-27 | 2001-06-27 | Method and system for bearer authorization in a wireless communication network |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP07017791A Division EP1863220A3 (en) | 2001-06-27 | 2001-06-27 | Method and system for bearer authorization in a wireless communication network |
Publications (2)
Publication Number | Publication Date |
---|---|
EP1405483A1 EP1405483A1 (en) | 2004-04-07 |
EP1405483B1 true EP1405483B1 (en) | 2007-09-12 |
Family
ID=8164472
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP01960407A Expired - Lifetime EP1405483B1 (en) | 2001-06-27 | 2001-06-27 | Method and system for bearer authorization in a wireless communication network |
Country Status (10)
Country | Link |
---|---|
US (1) | US7506362B2 (en) |
EP (1) | EP1405483B1 (en) |
JP (1) | JP3964865B2 (en) |
KR (1) | KR100697119B1 (en) |
CN (2) | CN100512276C (en) |
AT (1) | ATE373376T1 (en) |
BR (1) | BRPI0113044B1 (en) |
CA (1) | CA2426164C (en) |
DE (1) | DE60130498T2 (en) |
WO (1) | WO2003003690A1 (en) |
Families Citing this family (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7506362B2 (en) * | 2001-06-27 | 2009-03-17 | Nokia Siemens Networks Oy | Method and system for bearer authorization in a wireless communication network |
US20040187021A1 (en) * | 2003-02-10 | 2004-09-23 | Rasanen Juha A. | Mobile network having IP multimedia subsystem (IMS) entities and solutions for providing simplification of operations and compatibility between different IMS entities |
US20050054326A1 (en) * | 2003-09-09 | 2005-03-10 | Todd Rogers | Method and system for securing and monitoring a wireless network |
GB0400080D0 (en) * | 2004-01-05 | 2004-02-04 | Nokia Corp | Controlling data sessions in a communications system |
DE102004004527B4 (en) * | 2004-01-22 | 2006-04-20 | Siemens Ag | Method for authorization control of data transmission in a data mobile network |
US7436766B2 (en) * | 2005-04-04 | 2008-10-14 | Lucent Technologies Inc. | Telecommunication network support for service based policy in roaming configurations |
US7376081B2 (en) * | 2005-04-04 | 2008-05-20 | Lucent Technologies Inc. | Establishment of QoS by applications in cellular networks using service based policy control mechanisms |
US7414970B2 (en) * | 2005-04-04 | 2008-08-19 | Lucent Technologies Inc. | Provision of static QoS control using dynamic service based policy mechanisms |
US8191116B1 (en) * | 2005-08-29 | 2012-05-29 | At&T Mobility Ii Llc | User equipment validation in an IP network |
CN1859357B (en) * | 2006-03-16 | 2010-12-08 | 华为技术有限公司 | Communication method, system and device |
JP4572181B2 (en) * | 2006-07-13 | 2010-10-27 | 株式会社日立製作所 | QoS control system |
US7984130B2 (en) * | 2006-07-14 | 2011-07-19 | Cellco Partnership | Multimedia next generation network architecture for IP services delivery based on network and user policy |
JP4564023B2 (en) * | 2007-02-02 | 2010-10-20 | ノキア シーメンス ネットワークス オサケユイチア | Bearer permission method and system in wireless communication network |
CN101483847B (en) * | 2008-01-07 | 2012-10-03 | 华为技术有限公司 | Method, apparatus and system for implementing policy control |
KR101051023B1 (en) * | 2009-05-08 | 2011-07-26 | 주식회사 케이티 | Mobile Communication System Supporting Multiple PCR and Its Method |
WO2017125265A1 (en) * | 2016-01-19 | 2017-07-27 | British Telecommunications Public Limited Company | Authentication of data transmission devices |
US10491753B2 (en) * | 2018-03-27 | 2019-11-26 | T-Mobile Usa, Inc. | Optimized policy control function mapping for application function |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5796727A (en) | 1993-04-30 | 1998-08-18 | International Business Machines Corporation | Wide-area wireless lan access |
JP4008049B2 (en) * | 1995-03-20 | 2007-11-14 | 富士通株式会社 | Address transmitting apparatus, address transmitting method and address transmitting system |
US6608832B2 (en) * | 1997-09-25 | 2003-08-19 | Telefonaktiebolaget Lm Ericsson | Common access between a mobile communications network and an external network with selectable packet-switched and circuit-switched and circuit-switched services |
WO2001017310A1 (en) * | 1999-08-31 | 2001-03-08 | Telefonaktiebolaget L M Ericsson (Publ) | Gsm security for packet data networks |
US7079499B1 (en) * | 1999-09-08 | 2006-07-18 | Nortel Networks Limited | Internet protocol mobility architecture framework |
JP3688547B2 (en) * | 2000-02-15 | 2005-08-31 | 株式会社東芝 | Location identifier management device, mobile computer, location identifier management method, and location identifier processing method |
US7546376B2 (en) * | 2000-11-06 | 2009-06-09 | Telefonaktiebolaget Lm Ericsson (Publ) | Media binding to coordinate quality of service requirements for media flows in a multimedia session with IP bearer resources |
US6816912B1 (en) * | 2000-12-01 | 2004-11-09 | Utstarcom, Inc. | Method and system for tunnel optimized call setup for mobile nodes |
US20020138622A1 (en) * | 2001-03-21 | 2002-09-26 | Motorola, Inc. | Apparatus and method of using long lived addresses in a private network for push messaging to mobile devices |
US20020184510A1 (en) * | 2001-04-17 | 2002-12-05 | At&T Wireless Services, Inc. | Binding information for IP media flows |
US7506362B2 (en) * | 2001-06-27 | 2009-03-17 | Nokia Siemens Networks Oy | Method and system for bearer authorization in a wireless communication network |
US6973086B2 (en) * | 2002-01-28 | 2005-12-06 | Nokia Corporation | Method and system for securing mobile IPv6 home address option using ingress filtering |
US7453852B2 (en) * | 2003-07-14 | 2008-11-18 | Lucent Technologies Inc. | Method and system for mobility across heterogeneous address spaces |
US20060291422A1 (en) * | 2005-06-27 | 2006-12-28 | Nokia Corporation | Mobility management in a communication system of at least two communication networks |
-
2001
- 2001-06-27 US US10/344,104 patent/US7506362B2/en not_active Expired - Lifetime
- 2001-06-27 KR KR1020037002569A patent/KR100697119B1/en active IP Right Grant
- 2001-06-27 EP EP01960407A patent/EP1405483B1/en not_active Expired - Lifetime
- 2001-06-27 DE DE60130498T patent/DE60130498T2/en not_active Expired - Lifetime
- 2001-06-27 CN CNB018234151A patent/CN100512276C/en not_active Expired - Lifetime
- 2001-06-27 WO PCT/EP2001/007345 patent/WO2003003690A1/en active IP Right Grant
- 2001-06-27 JP JP2003509741A patent/JP3964865B2/en not_active Expired - Fee Related
- 2001-06-27 CN CNA2008100915772A patent/CN101448259A/en active Pending
- 2001-06-27 CA CA002426164A patent/CA2426164C/en not_active Expired - Lifetime
- 2001-06-27 BR BRPI0113044A patent/BRPI0113044B1/en active IP Right Grant
- 2001-06-27 AT AT01960407T patent/ATE373376T1/en not_active IP Right Cessation
Also Published As
Publication number | Publication date |
---|---|
US20040073686A1 (en) | 2004-04-15 |
WO2003003690A1 (en) | 2003-01-09 |
CN1522525A (en) | 2004-08-18 |
KR20030027067A (en) | 2003-04-03 |
CA2426164A1 (en) | 2003-01-09 |
KR100697119B1 (en) | 2007-03-21 |
DE60130498D1 (en) | 2007-10-25 |
CA2426164C (en) | 2009-08-11 |
CN101448259A (en) | 2009-06-03 |
JP2004521577A (en) | 2004-07-15 |
JP3964865B2 (en) | 2007-08-22 |
EP1405483A1 (en) | 2004-04-07 |
BR0113044A (en) | 2003-07-01 |
ATE373376T1 (en) | 2007-09-15 |
DE60130498T2 (en) | 2008-06-12 |
BRPI0113044B1 (en) | 2016-05-31 |
US7506362B2 (en) | 2009-03-17 |
CN100512276C (en) | 2009-07-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1018275B1 (en) | Selectable packet-switched and circuit-switched services in a mobile communications network | |
EP1405483B1 (en) | Method and system for bearer authorization in a wireless communication network | |
EP1982475B1 (en) | Method and devices for installing packet filters in a data transmission | |
EP1273134B1 (en) | A technique for setting up calls in internet protocol mobile network | |
US20040109459A1 (en) | Packet filter provisioning to a packet data access node | |
US7283513B2 (en) | Call control network, access control server and call control method | |
EP2273752B1 (en) | Controlling data sessions in a communication system | |
US20040029615A1 (en) | Transmission of voice over packet-switched systems | |
EP1820305B1 (en) | Method and system for implementation of sblp for a wlan-gsm/3g integrated system | |
WO2005039115A1 (en) | Arrangement and method for providing user stations with access to service providing networks | |
US7286475B2 (en) | GPRS system and in-zone node apparatus, and bearer setting method used therefor | |
CA2741642C (en) | Method and system for realizing emergency calling service in high rate packet data network | |
EP1863220A2 (en) | Method and system for bearer authorization in a wireless communication network | |
EP1702450B1 (en) | Controlling data sessions in a communication system | |
JP4564023B2 (en) | Bearer permission method and system in wireless communication network | |
EP1832042B1 (en) | Method for providing a bearer service to a mobile station in a telecommunications system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20040127 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
|
AX | Request for extension of the european patent |
Extension state: AL LT LV MK RO SI |
|
17Q | First examination report despatched |
Effective date: 20060712 |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
REF | Corresponds to: |
Ref document number: 60130498 Country of ref document: DE Date of ref document: 20071025 Kind code of ref document: P |
|
REG | Reference to a national code |
Ref country code: IE Ref legal event code: FG4D |
|
ET | Fr: translation filed | ||
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20070912 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20070912 Ref country code: AT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20070912 Ref country code: CH Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20070912 |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: FG2A Ref document number: 2292609 Country of ref document: ES Kind code of ref document: T3 |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PL |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: GR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20071213 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: PT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20080212 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: SE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20071212 |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: DK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20070912 |
|
26N | No opposition filed |
Effective date: 20080613 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: MC Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20080630 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20080627 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: CY Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20070912 |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: 732E Free format text: REGISTERED BETWEEN 20100701 AND 20100707 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LU Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20080627 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: TR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20070912 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: TP |
|
REG | Reference to a national code |
Ref country code: NL Ref legal event code: SD Effective date: 20101230 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R082 Ref document number: 60130498 Country of ref document: DE |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R081 Ref document number: 60130498 Country of ref document: DE Owner name: NOKIA SOLUTIONS AND NETWORKS OY, FI Free format text: FORMER OWNER: NOKIA CORP., ESPOO, FI Effective date: 20120131 Ref country code: DE Ref legal event code: R081 Ref document number: 60130498 Country of ref document: DE Owner name: NOKIA SOLUTIONS AND NETWORKS OY, FI Free format text: FORMER OWNER: NOKIA CORP., 02610 ESPOO, FI Effective date: 20120131 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R081 Ref document number: 60130498 Country of ref document: DE Owner name: NOKIA SOLUTIONS AND NETWORKS OY, FI Free format text: FORMER OWNER: NOKIA SIEMENS NETWORKS OY, ESPOO, FI Effective date: 20140521 |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: PC2A Owner name: NOKIA SOLUTIONS AND NETWORKS OY Effective date: 20141121 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: CD Owner name: NOKIA SOLUTIONS AND NETWORKS OY, FI Effective date: 20141201 |
|
REG | Reference to a national code |
Ref country code: NL Ref legal event code: TD Effective date: 20150126 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 16 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 17 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 18 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R081 Ref document number: 60130498 Country of ref document: DE Owner name: NOKIA TECHNOLOGIES OY, FI Free format text: FORMER OWNER: NOKIA SOLUTIONS AND NETWORKS OY, ESPOO, FI |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: 732E Free format text: REGISTERED BETWEEN 20200402 AND 20200408 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: FR Payment date: 20200512 Year of fee payment: 20 Ref country code: DE Payment date: 20200617 Year of fee payment: 20 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: BE Payment date: 20200515 Year of fee payment: 20 Ref country code: NL Payment date: 20200615 Year of fee payment: 20 Ref country code: GB Payment date: 20200617 Year of fee payment: 20 Ref country code: IT Payment date: 20200512 Year of fee payment: 20 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: ES Payment date: 20200701 Year of fee payment: 20 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R071 Ref document number: 60130498 Country of ref document: DE |
|
REG | Reference to a national code |
Ref country code: NL Ref legal event code: MK Effective date: 20210626 |
|
REG | Reference to a national code |
Ref country code: BE Ref legal event code: MK Effective date: 20210627 |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: PE20 Expiry date: 20210626 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: GB Free format text: LAPSE BECAUSE OF EXPIRATION OF PROTECTION Effective date: 20210626 |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: FD2A Effective date: 20211026 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: ES Free format text: LAPSE BECAUSE OF EXPIRATION OF PROTECTION Effective date: 20210628 |